Main menu

This week in cyber conflict: July 4th – July 8th

Coming out of the weekend the big news was the attacks on the various department of energy laboratory environments. At first blush it appeared and was reported as a significant advanced persistent threat event. Now I’m not exactly sure what that means, but I am absolutely sure a whole bunch of pundits will explain it in detail throughout the week. As we have seen the terminology often is chosen for the emotional and fear or pseudo intellectulism inherent in euphemisms rather than reality or factual discussion.

Over the weekend Kim Komando of podcasting and radio fame waded into the shallow end of the conceptual ideas pool with a fear uncertainty and doubt piece on how to survive a cyber attack. She is suggesting preparing for 30 days and her first item in your emergency kit is cash because ATM’s won’t work. She suggests using Facebook or Twitter to coordinate your families but here scenario has cell phone coverage not working. She admits this is a bit tricky but continues to confuse the reader with meandering FUD. Being prepared for self sustaining care in case of disaster is always a good idea regardless of “cyber fud”. Think of it this way though. At 96 hours most food in refrigerators is going to start going bad without electricity. Depending on the city at a week of water rationing most cisterns and water towers will be empty. At two weeks those unprepared are going to be getting hungry, and well at one month out in a major disaster your last worry is going to be cash. My problem with this article is it sensationalizes using the key words of cyber and attack while giving nothing to the reader.

As the week ended we find Marcus Ranum stating that only nation states can engage in cyber warfare. Which is likely true when considering the United Nations charter and the Laws of Armed Conflict (LOAC). However, that is a distinction in semantics. It is not necessarily true that non-state adversaries can’t reach the level of conflict through cyber means that a nation state may hold them as actors or agency of another nation state. Dunlap in spring 2011 published an intriguing study of LOAC, and when balanced with the work by Libicki in Cyber Deterrence there is a strong suggestion that only non-state actors would engage in cyber conflict. The inherent symmetry and desire to win being broken by the guerrilla model (insurgency). That discussion though is what somebody who understands conflict models and technology might be able to suggest.

The over-hyped “Largest cyber attack yet” of Elion (70K accounts) versus the Washington Post hack (1.27 million accounts) would be great fodder for a discussion over media responsibility. Never mind the continuing to develop story of the national labs that were exploited over the July 4th weekend.

CyberWar is HellSC Magazine US
It’s not that I want to get into any cyberwarfare hype, but I think it’s quite clear enough now that those who wage war (or at least have to be prepared to wage war) on our behalf are taking the threat of cyberwar seriously, and that means we should …See all stories on this topic »

Web Resources

Cyber?

Cyber security and the technologies of securing the information enterprise of industry and government require a trans-disciplinary while still STEM focused research agenda. The term “cyber” itself denotes a human cognitive centric concept that deals with the disintermediation of technology centered within human activity. The changing focus from system threat mitigation to enterprise risk management has opened completely new areas of inquiry into security.

Power

Amateurs argue about crime and punishment. Experts argue about authorities and budgets.